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5Ve claim: \ 

1 . A methoQ for generating a cryptographic key using at least one parameter 
comprising the steps of: 

retrieving at least one cryptographic share from a memory location identified as a 
function of said at least one parameter; and 

generating a cryptographic key based on said at least one cryptographic share. 

2. The methodlof claim 1 wherein said at least one retrieved cryptographic share 
is encrypted, said method further comprising the step of 

decrypting said at least one cryptographic share. 

3. The method oi claim 2 wherein said step of decrypting comprises the step of: 
decrypting using a value computed as a function of said at least one parameter. 

4. The method of claim 1 wherein said at least one retrieved cryptographic share 
is compressed, said method further comprising the step of: 

decompressing saidl at least one cryptographic share. 

5. The method of claim 4 wherein said step of decompressing comprises the step 
of: I 

decompressing said al least one cryptographic share using an index of said 
memory location. I 

6. The method of claim 1 wherein said at least one parameter represents at least 
one measurement of a physicallproperty. 

7. The method of claim u further comprising the step of: 

generating at least one inaex as a function of said at least one parameter; and 
using said index to identic said memory location. 
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8. The memod of claim 7 further comprising the step of: 
retrieving alcryptographic share from a memory location in the vicinity of said 
memory location identified by said index. 



9. The method of claim 7 wherein said step of generating at least one index 



comprises the step o 



10. ThemetHod 
predetermined range 



of claim 9 wherein said set of parameter values are within a 
of values. 



generating the same index for a set of parameter values. 



11 . A data sti ucture comprising: 
a plurality of ; torage locations; 
a first subset cf said plurality of storage locations containing valid cryptographic 
shares; and 

a second subse^t of said plurality of storage locations containing invalid 
cryptographic shares. 



12. Thd data structure of claim 1 1 wherein said first subset of storage 
locations correspond tq storage locations which are expected to be accessed during a 
legitimate computer resource access attempt. 

13. The data stmcture of claim 1 1 wherein said second subset of storage location 
correspond to storage ideations which are expected to be accessed during an illegitimate 
computer resource access attempt. 



14. The data stn^cture of claim 1 1 wherein at least some of said cryptographic 
shares are encrypted. 
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15. The data strucmre of claim 14 wherein said encrypted cryptographic shares 
are encrypted with a passvdord. 

16. The data structi|re of claim 1 1 wherein at least some of said cryptographic 
shares are compressed. 

17. The data structure of claim 1 1 wherein said cryptographic shares are 
cryptographic shares of a polynomial secret sharing scheme. 

18. The data structure of claim 1 1 wherein said cryptographic shares are 
cryptographic shares of a veotor space secret sharing scheme. 

19. A method for maintaining a data structure which has valid cryptographic 
shares stored in a plurality ofllocations, said method comprising the step of: 

periodically changing jthe number of locations that contain valid cryptographic 

shares. 



20. The method of cl 
locations that contain valid crjfp 

storing invalid cryptog 
contained valid cryptographic 



m 19 wherein said step of changing the number of 
tographic shares comprises the step of: 
aphic shares in at least some locations which previously 
shares. 



2 1 . The method of claitn 
storing said invalid cry )tographi 
accessed in connection with an 



20 further comprising the step of: 

c shares in locations which are not expected to be 
authorized computer resource access attempt. 



22. The method of clai n 19 wherein said step of changing the number of 
locations that contain valid cry Dtographic shares comprises the step of: 

storing valid cryptographic shares in at least some locations which previously 
contained invalid cryptographid shares. 
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23. The 
storing said va 
accessed in connectior. 



24. A method 
measuring a 



method of claim 22 further comprising the step of: 

id cryptographic shares in locations which are expected to be 
with an authorized computer resource access attempt. 



For j 



retrieving from 
said plurality 

generating a 



generating a cryptographic key comprising the steps of: 
pl^ality of keystroke features during entry of a password; 

a data structure a plurality of cryptographic shares as a function of 
of keystroke features; and 

cr> ptographic key using said cryptographic shares. 



25. The method of claim 24 wherein said cryptographic shares represent points 
on a polynomial. 

26. The method of claim 24 wherein said cryptographic shares represent vectors. 



27. The method 

28. The method 
of points on a polynomi 
structure location. 



of claim 24 wherein said cryptographic shares are compressed. 

Df claim 27 wherein said cryptographic shares comprise values 
and the corresponding x values are derivable from a data 



29. The method of claim 24 further comprising the step of: 

generating a plurality of indices as a function of said keystroke features; and 
using said plurality of indices to identify locations within said data structure from 
which to retrieve said cryptographic shares. 

30. The method of claim 29 wherein said step of generating a plurality of indices 
as a function of said keystipke features comprises the step of: 
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for each of sai- 1 
a threshold value. 



3 1 . The method 
as a function of said 

for each of saic 
function of a plurality 



keystroke features, generating one of two indices as a function of 



of claim 29 wherein said step of generating a plurality of indices 
keystroke features comprises the step of: 

keystroke features, generating one of a plurality of indices as a 
)f threshold values. 



32. The method of claim 24 wherein said cryptographic shares stored in said data 
structure are encrypted,! said method further comprising the step of: 
decrypting said cryptographic shares using said password. 



33. The method pf claim 24 further comprising the steps of: 
maintaining a history file containing information relating to prior successful key 

generation attempts; and 

based on said histbry file, storing invalid cryptographic shares in data structure 

locations which are not e>^ected to be accessed during subsequent legitimate key 

generation attempts. 



34. A method for generating a cryptographic key using a plurality of parameters 
having a sequence and representing physical measurements, said method comprising the 
steps of: 

for each of said pluratlity of parameters: 

retrieving an encrypted cryptographic share from a memory 
location as a fmnction of the sequence of said parameter; 

decrypttng said encrypted cryptographic share with a function of 
said parameter;! and 
generating a cryptographic key using said decrypted cryptographic shares. 
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35. The metHod of claim 34 wherein said physical measurements are 
measurements of DNA. 

36. The methcld of claim 34 wherein said function of said parameter used to 
decrypt said encrypted! cryptographic share is a hash function. 

37. A data structure for use in generating a cryptographic key based on n 
parameters representing physical measurements, said data structure comprising: 

n storage locations each associated with a respective one of said n parameters, 
each particular storage location containing an encrypted cryptographic share which was 
encrypted using an expected value of a function of the parameter associated with said 
particular storage location. 1 

38. The data structujfe of claim 37 wherein said function is a hash function. 

of claim 37 wherein said cryptographic key may be 
ptographic shares. 




39. The data structuri 
generated using less than n cr 
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